KVM TickPolicy

T

TheHermit

New Member
Sep 13, 2015
3
0
1
Good afternoon.
Mysetup:
Manufacturer: Dell Server
Product Name: DCS CS24-NV7
CPU: 8*Quad-Core AMD Opteron Processor 2373 EE(2 sockets)
RAM: 64 Gb
Proxmox Version: 3.4-1/3f2d890e
Kernel Version: Linux 2.6.32-37-pve
Guest:Windows 7
Memory: 2.00Gb
Processors: 2(1 socket, 2 cores)
Display: Spice

I am trying to use ProxMox as the hypervisor for a malware analysis sandbox called Cuckoo. - cuckoosandbox.org
For the most part i have everything configured and working correctly with the API. Essentially Cuckoo tells proxmox to rollback to a snapshot and then executes a series of commands in the guest using a script on the windows OS, until it hits a time of +300 seconds.
My issue is in the way that the guest clock is 'caught up'. KVM will speed up the tick count until it has caught up with the current time, this has one of two issues, either all commands on the OS run incredibly quickly in line with the ticks. or the os is unresponsive until the time is synced.

This typically pushes the time over the 300 seconds resulting in a corrupted analysis or just results in a failed analysis.
According to libvirt i can set the tickpolicy - libvirt.org/formatdomain.html#elementsTime to discard or merge, which i hope will remove the issue i am having.

Any help on how i can set this to my guests?
Many thanks in advance
Kev
 
Last edited:
If you figure out the kvm command parameters that fit you, you can add a line like this to /etc/pve/qemu-server/VMID.conf

Code: 
args: -param value

The only related thing on KVM clock I could find is (from the manual page):

Code: 
-rtc [base=utc|localtime|date][,clock=host|vm][,driftfix=none|slew]
           Specify base as "utc" or "localtime" to let the RTC start at the
           current UTC or local time, respectively. "localtime" is required
           for correct date in MS-DOS or Windows. To start at a specific point
           in time, provide date in the format "2006-06-17T16:01:21" or
           "2006-06-17". The default base is UTC.


           By default the RTC is driven by the host system time. This allows
           using of the RTC as accurate reference clock inside the guest,
           specifically if the host time is smoothly following an accurate
           external reference clock, e.g. via NTP.  If you want to isolate the
           guest time from the host, you can set clock to "rt" instead.  To
           even prevent it from progressing during suspension, you can set it
           to "vm".


           Enable driftfix (i386 targets only) if you experience time drift
           problems, specifically with Windows' ACPI HAL. This option will try
           to figure out how many timer interrupts were not processed by the
           Windows guest and will re-inject them.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom